olhelp
asked on
Public IP "Passthrough" on Cisco 1751
We have a vendor who is setting up a kiosk at our location and they require internet access to the unit. There is a PC and an IP printer in the kiosk which are connected to a Cisco 831 VPN router. Our T1 terminates into a Cisco 1751 and we were hoping to use our existing bandwidth to provide connectivity for the kiosk, but I'm not sure how to make it happen.
The kiosk company's tech configured the VPN router to use one of our public IP addresses of 216.x.x.28 /28 with the same default gateway as we do for our internet access (216.x.x.17 /28) with 10.240.53.0/29 for the LAN side of the router.
We have a very basic configuration for our 1751 with 192.168.1.0 /24 for our LAN subnet. I will provide specific details if required...
My question is: How can I get all internet traffic directed at 216.x.x.28 /28 to route directly to the VPN router? Thank you so much for your assistance!
The kiosk company's tech configured the VPN router to use one of our public IP addresses of 216.x.x.28 /28 with the same default gateway as we do for our internet access (216.x.x.17 /28) with 10.240.53.0/29 for the LAN side of the router.
We have a very basic configuration for our 1751 with 192.168.1.0 /24 for our LAN subnet. I will provide specific details if required...
My question is: How can I get all internet traffic directed at 216.x.x.28 /28 to route directly to the VPN router? Thank you so much for your assistance!
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
There can be issues with it, but since you pool of public address instead of just a single IP address that needs to be shared with many computers it’s generally less problematic since the ports can be mapped 1 to 1, IE port 50 inside goes to port 50 outside instead of something like port 50 inside goes to port 1024 outside like frequently happens when you are a single address with multiple devices, which reeks havoc with VPNS.
ASKER
Thanks for the response. I will try it tomorrow and let you know what happens (and award the points as necessry). Thanks!
ASKER
Funny how things work themselves out... As I was working with the vendor to get his VPN router changed, another issue came up with a web content filtering solution that we were implementing. It appears that the way our router was set up (especially NAT) causes all sorts of problems when other devices are introduced into the network. So we're going to redesign the network this weekend. Thanks for confirming that this current scenario had very little flexibility!
ASKER
Dr-IP, I've heard that there are issues with combining VPN and NAT, but I don't know any specifics right off hand... any thoughts or experience with this type of configuration?